oss-sec mailing list archives
CVE-2022-40664: Apache Shiro: Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher
From: Brian Demers <bdemers () apache org>
Date: Tue, 11 Oct 2022 22:52:33 -0400
Description: Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher. Credit: Apache Shiro would like to thank Y4tacker for reporting this issue
Current thread:
- CVE-2022-40664: Apache Shiro: Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher Brian Demers (Oct 12)